How SenseNet Permission System on The Content Tree
I am still trying to understand how SenseNet permission system works.
For that I read SenseNet wiki pages and done following use case diagram:
I did not understand "permission tree", "Explicite list", "Effective list" concepts and the visualized trees in the Permission Queries wiki page.
Could you please explain the example in the wiki page.
Thanks,
One permission entry is any permission setting on a content for an identity (user or group). For example: first, you allow the Open permissions on the /Root/Folder1 for User1. This is an explicit entry. In a next step, you allow Open permission for the User2 on the same content. These two setting are two explicit entries what we call explicit list. This is similar to Windows ACL.
This list affects the whole subtree because a content's permissions can be inherited from the parent. For example User1 and User2 have Open permission on the /Root/Folder1/Document1 but these permissions are inherited from the /Root/Folder1. So the Document1 has two permission entries even though you did not set anything on this content. These entries are effective entries what we call effective list.
The permission tree is a virtual tree that is the mutation of the big content tree and contains only contents that have explicit permission entries. In fact, it is an existing object, resides in the permission system internally and it is built for faster evaluation purpose. It is easier to understand through a content chain. For example you have a document in depth: /Root/Sites/DemoSite/Workspace1/Doclib/Folder/Document1 and the following contents have explicit entries: Root, DemoSite, Doclib, and Document1. Then the permission tree contains only these nodes: /Root/DemoSite/Doclib/Document1. In this tree, the parent of the Document1 is the Doclib.
- Path Too Long Error when importing into Sensenet
- SenseNet.ExclusiveLock.MsSql component is missing
- How to override groups permission over users permission in SenseNet?
- Sensenet: Documents Sharing
- File "delete" option missing from Sense/Net7
- Problem with the instalation of SenseNet in Windows Server 2008 R2
- (Sensenet) How to Create Folder with Name and Display Name are different from Dotnet Client(sn-client-dotnet)?
- How would I implement a company profile in sensenet?
- How to add a newly created user to a specific security group in sensenet?
- UTC offset error when installing the Sensenet Service package via SQL Server Authentication
- Asp.Net MVC - SecurityException: The source was not found, but some or all event logs could not be searched. Inaccessible logs: Security
- ReflectionTypeLoadException: Could not load types after publishing a asp.net mvc project on azure
- Error installing Sensenet 7.2 from NuGet
- Splitting Sensenet content repository into multiple databases
- How to update Custom Fields after File Upload using SenseNet dotnet client
- Cross-origin resource sharing setting isn't applied
- In sensenet (v 7.0.0) after add new user content explorer shows a 404 page
- Can I count the number of results in my Lucene query
- How SenseNet Permission System on The Content Tree
- How to get highlighted text from content search in sensenet
- Office integration with custom OAuth provider
- Sensenet : Search documents by its content
- SetPermission With sensenet API - version 6.3
- SenseNet Content Security Model How to read View PermissionInfoView
- How to fetch only count of documents in sensenet by oData query
- Where is the Startup class?
- Sense/Net download text file
- Sensenet Content Picker Customization
- Uncaught DOMException: Blocked a frame with origin "http://localhost:8090" from accessing a cross-origin frame when I add Sensenet in iframe
- Set permissions to see only major versions without drafts